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Abstract. Let f{x) be a separable polynomial over a local field. Montes algorithm com- 
putes certain approximations to the different irreducible factors of f{x), with strong arith- 
metic properties. In this paper we develop an algorithm to improve any one of these ap- 
proximations, till a prescribed precision is attained. The most natural application of this 
"single-factor lifting" routine is to combine it with Montes algorithm to provide a fast poly- 
nomial factorization algorithm. Moreover, the single-factor lifting algorithm may be applied 
as well to accelerate the computational resolution of several global arithmetic problems in 
which the improvement of an approximation to a single local irreducible factor of a polyno- 
mial is required. 

1. Introduction 

Polynomial factorization over local fields is an important problem with many applications 
in computational number theory and algebraic geometry. The problem of factoring poly- 
nomials over local fields is closely related to several other computational problems, namely 
the computation of integral bases and the decomposition of ideals. Indeed, the factorization 
algorithms |FPR02l iPaOT] implemented in Pari |PA08j and Magma [CaTO] are based on the 
Round Four algorithm |Fo87j which was originally conceived as an integral bases algorithm. 
A similar algorithm was developed by Cantor and Gordon |CG00j . All algorithms mentioned 
above suffer from precision loss in the computation of characteristic polynomials, which are 
used in the core part of the algorithm as well as in the lifting of the factorization. 

In Montes algorithm |HN08l IGMNOSj , originally conceived as an ideal decomposition al- 
gorithm |Mo99j . these precision problems do not exist. It computes what we call Montes 
approximations (cf. section |4]) to the irreducible factors of a separable polynomial over a 
local field, along with other data needed for the computation of integral bases and ideal 
factorization, extremely efficiently. These approximations can be lifted to an arbitrary pre- 
cision with further iterations of Montes algorithm |GMN09l Sec. 4. 3], but the convergence of 
this method is linear and it is slow in practice. We present in this paper a single-factor lift- 
ing algorithm, that lifts a Montes approximation to an irreducible polynomial to any given 
precision, with quadratic convergence. 

The combination of Montes algorithm and the single-factor lifting algorithm leads to a fast 
factorization algorithm for polynomials over local fields. For a fixed prime number p, this 
algorithm finds an approximation, with a prescribed precision G N, to all the irreducible 
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factors of a degree n separable polynomial, f{x) G Zp[x], in O (n^"'"^fp(disc(/))^"'"^ + n^z/^"*"^) 
operations with integers less than p. 

Also, the single-factor lifting algorithm leads to a significant acceleration of the +Ideals 
package |GMN10b] . This package contains several routines to deal with fractional ideals 
in number fields, and it is based on the Okutsu-Montes representations of the prime ideals 
[GMNlOj . Several of these routines use Montes approximations that need to be improved 
up to certain precision, and the single-factor lifting brings these routines to an optimal 
performance. 

The outline of the paper is as follows. In section [2] we give an overview of Montes algorithm 
and the interpretation of its output in terms of Okutsu invariants of the irreducible factors 
of the input polynomial f{x). Among them, the Okutsu depth of each irreducible factor has 
a strong influence on the computational complexity of f{x). In section [3] we introduce a new 
Okutsu invariant: the width of an irreducible polynomial over a local field. This invariant 
completes the family of invariants that determine the computational complexity of such an 
irreducible polynomial: degree, height, index, depth and width. In an Appendix we present 
families of test polynomials with a controlled variation of all these invariants. We hope 
that these polynomials may be useful to test other arithmetic algorithms and detect their 
strongness and weakness with respect to the variation of each one of these invariants. 

In section |4] we discuss how to measure the quality of a Montes approximation, and what 
arithmetic properties of the irreducible factor we are approximating can be read from a 
sufficiently good approximation. In section |5] we show that a Montes approximation can be 
lifted to an approximation with arbitrary precision, with quadratic convergence. In section 
[6] we give an algorithm for this lifting procedure and discuss its complexity. Finally, in 
section [7} we present some running times of the factorization algorithm on the families of 
test polynomials introduced in the Appendix. 

Notation. Throughout the paper we fix a local field K, that is, a complete field with respect 
to a discrete valuation v. We let O be its ring of integers, m the maximal ideal of C, vr G m 
a generator of m, F = O/m the residue class field of K, which is suposed to be perfect, and 

: 0[x] — y ¥[x] the natural reduction map. We write v. K^^^ — )■ QU{cxo} for the canonical 
extension of v to an algebraic closure K^^^ of K, normalized such that f (vr) = 1, and denote 
by K^^^ C K^^^ the separable closure of K in K^^^. 

Given a field J-" and two polynomials ip{y), "ipiy) G J^[y], we denote by s = ord^ the 
largest exponent s with ip{y)'^ \ (p{y)- Also, we write (p{y) ~ "ipiy) to indicate that there 
exists a constant c E J^* such that (p{y) = ci/j{y). 

2. Complete types and Okutsu invariants 

In this section we give an overview of Montes algorithm |HN08l IGMNOSj and the interpre- 
tation of its output in terms of Okutsu invariants |GMN09] . Although most of the results 
about Montes algorithm are formulated for separable polynomials over the ring of integers 
of a p-adic field, they can be easily generalized to separable monic polynomials with integral 
coefficients over local fields with perfect residue field. In this paper we work in the general 
setting. A variant of Montes algorithm formulated for polynomials over locally compact local 
fields is given in |PalO] . 
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Let f{x) e 0[x] be a monic separable polynomial. An application of Montes algorithm 
determines a family of f -complete and optimal types, that are in one-to-one correspondence 
to the irreducible factors of f{x). 

Let t be the /-complete and optimal type that corresponds to an irreducible factor F{x) 
of f{x) e 0[x]. Let 9 e X^'^P be a root of F{x) and denote L = K{9). The type t has an 
order, which is a non- negative integer. If t has order 0, then it corresponds to an irreducible 
factor (say) ip{x) of f{x) over ¥[x], that divides f{x) with exponent one; in this case L is 
the unramified extension of K of degree deg^. If t has order r > 1, then t is structured 
into r levels. At each level 1 < i < r, the type stores a monic separable irreducible poly- 
nomial (j)i{x) G 0[x] and several invariants, that are linked to combinatorial and arithmetic 
properties of Newton polygons of higher order of f{x) and capture many properties of the 
extension L/K. The polynomials 0i, ... ,((),. arc a sequence of approximations to F{x) with 

v{(t>,{e))<---<v{4>r{e)). 

In general we measure the quality of an approximation (f)[x) to F{x) by the valuation 
The most important invariants of the type t for each level 1 <i <r are: 

(t)i{x) & 0[x] a monic irreducible separable polynomial 

rui = (leg(j)i{x) 

Xi = —hi/ei where hi,ei are positive coprime integers 

Vi = ei-ifi-i{ei-iVi-i + hi-i) G Z>o 

■01 (y) G '¥i{y\ a monic irreducible polynomial 
fi = degV'»(y) 
F,+i = ¥i[y]/{i^i{y)) 

Zi the class of y in Fj+i, so that i'i{zi) = 

In the initial step of Montes algorithm the type stores some invariants of level zero, like the 
monic irreducible factor ipQ{y) of F{y) in ¥[y], which is obtained from a factorization of f{y). 
We set 

eo = l, ho = Vo = 0, /o = deg^o, Fo = F, ¥, = ¥o[y]/ (Mv)), 

and denote by zq G Fi the class of y in ¥i. These initial invariants are computed for all 
types, including those of order 0. 

By construction, the polynomials have degree = (/o/i ■ • ■ • • • Cj-i), so 

that mi \ ■ ■ ■ \ rrir. Note that the fields Fj form a tower of finite extensions of the residue 
field: 

F = Fo C Fi C ■•■ C F,.+i, 

with F,+i = ¥,[zi] = ¥o[zo, ...,Zi], and [F,+i : Fq] = /o/i ■ ■ ■ U 

In each iteration the invariants of a certain level are determined from the data for the 
previous levels and f{x). Besides the "physical" invariants, there are other operators deter- 
mined by the invariants of each level 1 < i < r of the type t, which are necessary to compute 
the invariants of the next level: 

Vi : K{x) — >■ Z U {oo} a discrete valuation of the field K{x) 
Ni'. K[x\ — )■ 2*^ a Newton polygon operator 

Ri : 0[x] ^ a residual polynomial operator 
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The discrete valuation vi is the extension of v to K{x) determined by 

f 1 : K[x] — > Z U {oo}, f i(&o + ■ ■ ■ + Kx"^) := mm{v{bj) | < j < r}. 

There is also a 0-th residual polynomial operator, defined by 

Ro: 0[x] — > FoM, g{x) ^ 

The Newton polygon operator Ni is determined by the pair For any non-zero poly- 

nomial g{x) G K[x], with 0j-adic development 

fi'(^) = as(x)0i(x)^ dega^<mj, 

' 's>0 

the polygon Ni{g) is the lower convex hull of the set of points of the plane with coordinates 
{s,Vi{as{x)(f)i{xY)). The negative rational number Aj is the slope of one side of the New- 
ton polygon Ni{f) and the polynomial ipi{y) is a monic irreducible factor of the residual 
polynomial Ri{f){y) in ¥i[y\. 

The triple {(j)i,Vi,\i) determines the discrete valuation Vi+i as follows: for any non-zero 
polynomial g{x) G K[x], take a line of slope Aj far below Ni{g) and let it shift upwards till 
it touches the polygon for the first time; if H is the ordinate of the point of intersection of 
this line with the vertical axis, then ViJ^i{g) = CiH. The invariants Vi G Z>o are actually: 
Vi = Vi{(f)i). 

Definition 2.1. Let t be a type of order r > as above, and let g{x) G 0[x] be a non-zero 
polynomial. 

(1) We say that t is optimal if mi < ■ ■ ■ < m^, or equivalently, Cj/j > 1, for all 1 < i < r. 

(2) We say that t is strongly optimal if Cifi > 1, for all 1 < i < r. 

(3) We define ordt(5') := OTd^^{Rr{g)). 

(4) We say that t is g-complete if ordt(5') = 1. 

(5) We say that g{x) is a representative of t if it is monic of degree rur+i := rrirCrfr, and 
Rr{g) ~ i'r- In this case, g{x) is irreducible over O |HN08t Sec. 2. 3] 

Once an /-complete and optimal type t is computed, the main loop of Montes algorithm 
is applied once more to construct a representative (j)r+i{x) of t. This polynomial has degree 
rUr+i = degF and it is a Montes approximation to F (cf. section [i]). Although we keep 
thinking that t has order r, actually it supports an (r + l)-level with the invariants: 

(f)r+i{x), rrir+i = deg(f)r+i = degF, A^+i = -K+i, e,,+i = 1, 

K+i = Grfri^rVr + hr) = fr+i(0r+i), the discrcte valuatiou Vr+1 and the field ¥r+i, which is 
a computational representation of the residue field of L. 

The crutial property of t is /-completeness. By the theorem of the product |HN08| 
Thm.2.26], the function ordt behaves well with respect to multiplication: 

oidtigh) = oTdt{g) + ordt (/;,), 

for any pair of polynomials g{x), h{x) G 0[x]. Thus, the property ordt(/) = 1 singles out an 
irreducible factor F{x) of /(x) in 0[x], uniquely determined by ordt(-F) = 1 and ordt(G') = 0, 
for any other irreducible factor G{x) of f{x). Note that the type t is F-complete too. 

Given a non-zero polynomial g{x) G 0[x], we are usually interested only in the principal 
part N^{g) of the Newton polygon Ni{g), that is the polygon N~{g) consisting of the sides of 
Ni{g) of negative slope. The length of a Newton polygon is by definition the abscissa of the 
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right end point of the polygon. In the following proposition we recall some more technical 
facts from |HN08j about the invariants introduced above. 

Proposition 2.2. Let g{x) G 0[x] be a non-zero polynomial. 

(1) Ni{F) is one-sided of slope Aj, for all 1 < i < r + 1, and Ri{F){y) ~ ipi{yY\ for 
some positive exponent ai, for all < i < r . 

(2) A^i(0i+i) is one-sided of slope Xi, for all 1 < i < r , and ~ "ipiiv), for all 
0<i<r. 

(3) ord^. Ri{g) coincides with the length of N~j^^[g), for all < i <r. 

(4) v{g{6)) > Vi{g)/{ei ■ ■ ■ Cj-i), for all 1 < i < r + 1. If degg < rrii, then equality holds. 

(5) v{(t)i{e)) = {Vi + |A,|)/(ei ■ • • e,_i), for all 1 < t < r + 1. 

Proposition 2.2 (5) is a particular case of the Theorem of the polygon |HN08l Thm.3.1]. 
There is a natural notion of truncation of a type at a certain level. The type Trunci(t) is 
the type of order i obtained by forgetting all levels of order greater than i. Note that 0j+i(a;) 



is a representative of Truncj(t), by Proposition 2.2 (2). 

The Okutsu depth of the irreducible polynomial F{x) is the non- negative integer |GMN09| 
Thm.4.2]: 

depthfF) = ■= / ^' if "^r < deg F, or r = 0, 

^ ' 1 r — 1, if mj. = degF, and r > 0. 

Since, deg F/rrir = mr+i/nir = Crfr, the Okutsu depth of F is equal to r if and only if Crfr > 
1; that is, if and only if the type t is strongly optimal. Since nii < ■ ■ ■ < niji+i = degF, we 
have clearly R = 0(log(deg F)). 

The family . . . , 0^] is an Okutsu frame of F{x) |GMN09| Thm.3.9]. This means that 
for any monic polynomial g{x) G 0[x] of degree less than degF, we have, for all < i < i?: 

(1) '^^<'^<'^i^, „n.<ie,,<,n.,,, 

degg rrii m+i 

with the convention that ttiq = 1, (f)o{x) = 1. 

The numerical invariants hi, Ci, fi, rrii, v{(j)i{6)), for 1 < i < R, and the discrete valuations 
f 1, . . . , vr+i are canonical invariants of F{x) |GMN09l Cors.3.6+3.7]. They are examples of 
Okutsu invariants of F{x); that is, invariants that can be computed from any Okutsu frame 
of F{x) |GMN09l Sec. 2]. These invariants carry on a lot of information about the arithmetic 
properties of the extension L/K. For instance, 

e{L/K) = d ■ ■ ■ = ei ■ ■ ■ e,., f{,L/K) = /o/i ■■■/« = /o/i ■ ■ ■ /r, 

and the field F/j+i = F^+i is a computational representation of the residue field of L. 

3. Width of an irreducible polynomial over a local field 

Let F{x) G 0[x] he a monic irreducible separable polynomial. Let 6 G K^'^^ be a fixed 
root of F{x), and L = K{6) the finite separable extension of K determined by 6. 

In this section we introduce a new Okutsu invariant of an irreducible polynomial over a 
local field: its width. The depth and width of F{x) have a strong influence on the computa- 
tional complexity of the field L, represented as the field extension of K generated by a root 
of F{x). The relevance of these invariants in a complexity analysis is analogous to that of 
other parameters more commonly used to measure the complexity of F, like the degree, the 
height (maximal size of the coefficients) and the t;- value of the discriminant of F. 
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Let [01, . . . , (t)R\ be an Okutsu frame of F{x). By |GMN09t Thm.3.5], there exists an F- 
complete strongly optimal type of order i?, having 0i, . . . , as its 0-polynomials. Many 
of the data supported by t^T^ are canonical (Okutsu) invariants of F, but the type tp itself is 
not an intrinsic invariant of F. 

Lemma 3.1. Let tp he an F -complete strongly optimal type of order R, and let (pi, . . . ,(f)Ft 
be its family of (^-polynomials. Let (pR+i be a representative of tp, and take (poi^x) := 1, 
mo := 1. For any 1 < i < R -\- 1 and any monic polynomial g{x) G 0[x] of degree mi, the 
following conditions are equivalent: 

(a) Ri-i{g) ^ipi^i- 

(b) v{g{e))/mi > v{(f)i_i{e))/m,^i. 

(c) v{g{e))>V,/{ei---e,^i). 

Proof. Condition (a) says that g{x) is a representative of the truncated type Truncj_i(ti?). 
The fact that a representative of a type satisfies (b) was proven in |GMN09l Lem.3.4]. 
Let us write e := ci ■ ■ ■ Ci-i for simplicity. Conditions (b) and (c) are equivalent because 

Vi ei_i/j_i(ei_iVi_i + Vi-i + \\i-i\ rrii 

— = = ei-ifi-i = v{(f)i-i{e}), 

e e ex--- ei-2 mi_i 



the last equality by the Theorem of the polygon (Proposition 2.2 (5)). 

Suppose now that (c) is satisfied. Since g and 0j are both monic of degree m^, the 
polynomial a := g — (pi has degree less than m^. By iQ, v{a{e)) > mm{v{g{9)),v{^i{e))} = 
v{g{6)) > Vi/e. By Proposition [2^ (4), Vi{a)/e = v{a{6)) > Vi/e; thus, Vi{a) > Vi and 
v,{g) = Vi. By jEM Prop.2.8,(l)], Ri-i{g) = R^-l{(pi), and this implies Ri-iig) ~ ^i-i, 
by Proposition [2^ (2). □ 

Definition 3.2. For each 1 < z < i? + 1, let C 0[x] be the set of all monic polynomials 
of degree satisfying any of the conditions of Lemma As mentioned along the proof of 
the lemma, the polynomials in Qi are the representatives of the truncated type Truncj_i(tj?); 
thus, they are all irreducible over O. In particular, ^/j+i is the set of representatives of t^;'. 

Actually, is the minimal degree of a polynomial satisfying condition (a) |HN08l Sec. 2. 3]. 
For i < -R, ([T]) shows that the value v{(j)i{6)) is maximal among all polynomials in Qi. 

v{(t>m)><9{d)), ^geg„ l<i<R. 

Since the rational numbers v{(f)i{6)), . . .v{(j)R{9)) are Okutsu invariants of -F(x), the sets 
of polynomials Qi, . . . , Gr+i, and their sets of values 

Vi := {v{g{9)) \ g eGi} CQUoo, l<i<R+l, 

are intrinsic invariants of F{x) too. The sets Vi, . . . ,Vr are finite, because they are bounded 
(by Q) and w is a discrete valuation. However, Vr+i is an infinite set that contains oo, 
because F clearly belongs to Gr+i. 

Definition 3.3. The width of F{x) is the vector of non-negative integers: 

width(F) :=(#Vi,...,#Vk). 

Our next aim is to show that width(F) is an Okutsu invariant of F and to compute it in 
terms of the Okutsu frame [0i, . . . , 0ijj. 
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Proposition 3.4. With the above notation, for each 1 < i < R we have: 

m=\\M] = \hi/e{\. 

Proof. Let us denote e := ei ■ ■ ■ Cj-i for simplicity. 

Any g[x) G is a representative of tlie type Truncj_i(t), and we saw along the proof 



of Lemma 3.1 that Vi{g) = Vi is constant. The Theorem of the polygon |HN08l Thm.3.1], 



applied to both polynomials, shows that 

v{g{e)) = {v,{g) + \\\)/e = {y, + \\\)/e, 
^ ^ vi<l>0)) = iV, + \X,\)/e. 

where A is the slope of the one-sided Newton polygon of i-th order Ng^y.{F), computed with 
respect to g{x) and Vi. 

By |GMN08l Thm.3.1], the property eji > 1 implies that 0, G ^ i is an optimal represen- 
tative of TrunCj_i(ti7); more precisely, this theorem shows that 

(3) |A| < |Ai|, and |A| < |Ai| ^ A G Z. 

Hence, Q and g prove that #Vj < [lAi]]. 

In order to prove the opposite inequality, let us show that for any given integer < d < | A j | , 
there is a monic polynomial g G 0[x] of degree rrii such that v{g{9)) = {Vi + d)/e. Note that 



such a polynomial belongs to Qi because it satisfies (c) of Lemma 3.1 The idea is to spoil 
the optimal polynomial (pi G Qi, by adding an adequate term: g{x) = 4>i{x) + a{x), leading 
to the desired value of v{g{6)). It is sufficient to take a(x) G 0[x\ satisfying 

(4) dega < mj, Vi{a) = Vi + d. 



In fact, by Proposition 2.2 (4), v{a{6)) = Vi{a)/e = {Vi + d)/e < v{(f)i{6)), so that g{x) = 
(pii^x) + a{x) is monic of degree rrii and has value: v{g{6)) = v{a{9)). 

The existence of a{x) G 0[x] satisfying ^ is guaranteed by |HN08t Prop. 2. 10], as long as 
Vi + d > ei-ifi-iVi{(f)i-i). By |HN08l Thm.2.11], we have ej_i/i_iVi((^j_i) = Vi, so that the 
desired inequality is obvious. □ 

The depth of F is linked to the degree: R = 0(log(deg F)), but is is a finer invariant. It is 
easy to construct irreducible polynomials having the same (large) degree, analogous height 
and the same v-value of the discriminant, but prescribed different depths, from i? = 1 to 
R = [log2(deg F)J . A sensible-to-depth algorithm solving some arithmetic task concerning 
these polynomials will be much faster for the polynomials with small depth. 

In the same vein, the width of F is linked to u(disc(F)), but it is a finer invariant. More 
precisely, the width is directly linked to the index ind(F), which is defined as the length of 
Ol/0[9] as an C-module, and it satisfies: f (disc(F)) = t>(disc(L)) + 2 ind(F) . The following 
formula for the index shows the connection between index and width. 

Proposition 3.5. 

deg F sr^ 1 f w \ f ^eg F \ — 1 



ind(F) = ^ ( 



rrii 



Proof. We keep the above notation for tp and . . . ,0_r]. The Newton polygons Ni{F), 
for 1 < i < R, are all one-sided of slope Aj. The length of the projections of Ni{F) to 
the horizontal and vertical axis are E := degF/rrii and H := |Aj|i?, respectively. By the 
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Theorem of the index |HN08l Thm.4.18], md(F) = indi(F) + • • ■ + ind/?(F), where indi(F) 
is /o ■ ■ ■ fi-i times the index of the side Ni{F); that is |HN08l Def.4.12]: 

md,(F) = f^^nJlzl (^\x,\E' -\X,\E-E+fy 

Since E = {dfi) ■ ■ ■ (eRfR), clearly /o ■ ■ ■ fi-iE = deg F/ (ei ■ • ■ ei_i), and indj(F) coincides 
with the i-th term of the sum in the statement of the proposition. □ 

By using the techniques of |HN08l Sec. 2. 3], it is easy to construct irreducible polynomials 
of fixed depth R, and prescribed values of all invariants ei, . . . , cr, fo, ■ ■ ■ , fn, hi, ... , h^. 
Since the degree depends only on the and fi invariants, whereas the slopes Aj depend 
on Cj and hi, we may construct polynomials with the same degree, depth and index, but 
different width. Again, sensible-to-width algorithms solving arithmetic tasks concerning 
these polynomials will be much faster for the polynomials with small width. 

Unfortunately, it is difficult to take into account these invariants in theoretical analysis of 
complexity. For instance, we have not been able to do this in the analysis of the single-factor 
lifting algorithm in section |6| Thus, we thought it might be interesting to test numerically 
the sensibility of the algorithm to as many complexity parameters as possible, including the 
depth and width of the irreducible factors of the input polynomial. To this end, in an ap- 
pendix we present families of test polynomials that, besides the classical parameters, present 
a controlled variation of the number of irreducible factors and the depth and width of each 
factor. In section [7| we present running times of the factorization of some of these test 
polynomials, obtained by applying Montes algorithm followed by the single-factor lifting al- 
gorithm for each of the irreducible factors. The numerical data suggest that this factorization 
algorithm is sensible to both invariants, depth and width. 

4. Montes approximations 

We go back to the situation of section [2j We take an /-complete optimal type t of order 
r, that singles out a (never computed) monic irreducible factor F{x) G 0[x\ of the monic 
separable polynomial f{x) G 0[x\. Let 9 e K^'^^ be a fixed root of F{x), L = K{6) the finite 
separable extension of K determined by 6, and Ol the ring of integers of L. Let R be the 
Okutsu depth of F, and consider the family of canonical sets, Qi, . . . ,Gb.+i, introduced in 
Definition EM 

In this section we deal with approximations to F. We discuss how to measure the quality 
of the approximations and the arithmetic properties oi L/K that can be derived from any 
sufficiently good approximation. 

Definition 4.1. The polynomials in the set Qr+i are called Okutsu approximations to F{x). 
[GMNnQl Sec.4]. 

The representatives of the type t are called Montes approximations to F{x). 

The concept of Okutsu approximation to F{x) is intrinsic (depends only on F{x)), and 
"being an Okutsu approximation to" is an equivalence relation on the set of irreducible 
polynomials in 0[x] |GMN09l Lem.4.3]. 

However, a Montes approximation is an object attached to F{x) as a factor of f{x). 
Hence, it depends on f{x) and it has no sense to interpret it as a binary relation between 
irreducible polynomials. 
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Remark 4.2. Suppose a factorization algorithm is designed in such a way that approxi- 
mations to a certain irreducible factor F of f{x) are constructed, and the iteration steps 
consist of finding, for a given 0, a better approximation $ satisfying v{(j){9)) < v{^{6)). 
Then, by their very definition, the depth and width of F measure the obstruction that the 
algorithm encounters to reach an Okutsu approximation (for the first time). More precisely, 
the sum of the components of the width are an upper bound for the number of iterations. 
Also, the fact that the width is graduated by the depth makes sense because it is highly 
probable that the iterations at a higher depth will have a higher cost. 

Lemma 4.3. A Monies approximation is always an Okutsu approximation. The converse 
holds if and only if R = r. 

Proof, li R = r, then the type t is strongly optimal and the two concepts coincide. In 



fact, t is always F-complete (ordt(-F) = 1), and Lemma 3.1 shows that Gr+i is the set of 
representatives of t. 

Suppose R = r — 1, and let (j)r+i be a Montes approximation to F. The degree of 0^+1 is 
rrir+i = rrir = m^j+i = degF. By the Theorem of the polygon, 

Vr+l CrfrierVr + K) K 
V{(pr+l{0)) > = > 



' ' ' 6y ^ 1_ ' ' ' 6^ ^ 1_ ' ' ' ^ 



because > 0. Therefore, (pr+i satisfies condition (c) of Lemma 3.1 for i = R + 1 = r, and it 
belongs to Gr+i- On the other hand, the polynomial 0^ = (pR+i is an Okutsu approximation 
to F{x), but it is not a representative of t. In fact, the Newton polygon Nr{4>r) is the single 
point (1, Vr); thus, the residual polynomial Rr{(pr) is a constant, and ipr t Rr{4>r)- D 

One cannot expect to deal only with strongly optimal types. For instance, if the polynomial 
f{x) has different irreducible factors that are Okutsu approximations to each other; these 
irreducible factors have the same Okutsu frames |GMN09t Lem.4.3] and hence the same 
strongly optimal types attached to them |GMN09| Thms.3.5-|-3.9]. Therefore, in order to 
distinguish them it is necessary to consider non-strongly optimal types. In other words, once 
we reach an Okutsu approximation (pR+i to F, it may happen that (pR+i is also an Okutsu 
approximation to other irreducible factors of /(x); thus, it is necessary to go one step further 
and compute a Montes approximation (f)R+2 = 4'r+i to F, that singles out this irreducible 
factor. This property suggests that a Montes approximation is the right object to start with 
for a single-factor lifting algorithm, aiming to improve a given approximation to F till a 
prescribed precision is attained. 

Measuring the quality of approximations. For simplicity we set from now on: 
e := e{L/K) = Ci ■ ■ ■ e^, w := fr+i, V := w{(f)r+i) = K+i- 
The following result is an immediate consequence of jHNOSt Thm.2.11+Thm.3.1]. 



Lemma 4.4. Let ^ be a Montes approximation to F. By Proposition 2.2 (3), the principal 
polygon N^^{f) has length one, so that the slope —hq> of its unique side is a negative integer 
(see Figure\^. We have = V and v{^{6)) = {V + hq,) /e. 

As mentioned above, v($(^)) is a measure of the quality of the approximation; hence, the 
integer is the relevant invariant to measure the precision of ^{x) as an approximation to 
F{x). Actually, /i$ is the ideal invariant to look at, because it is also explicitly linked to an 
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estimation of vi{F{x) — $(a;)), which is the traditional value to measure the precision of an 
approximation. 

Lemma 4.5 ( |GMN09| Lem.4.5]). Let G 0[x] be a Monies approximation to F{x) and 
let —hq, he the slope of the principal polygon N^^{f). Then 

F{x) = (mod m^"'^), 

where v = vq + {h^/e) and z/q is the (constant) rational number 

hi h2 K 
(5) z/Q := \ \ h 



ei 6162 Ci- ■ -Cr 

Thus, when we replace $ by successive (better) approximations to F{x), the improvement 
of the precision is determined by the growth of the parameter 

Common arithmetic properties of Montes approximations. Let $(x) be a Montes 
approximation to F. Fix P G K^'^^, a root of $, and consider N = K{I3), On the ring of 
integers of and triAr its maximal ideal. 

Since F and $ are representatives of t, we have: 

degF = deg$, w{F) = w($) = V, ordt(F) = ordt($) = 1. 

By [GMNOQt Lem.4.3] the Okutsu frame . . . , of F{x) is also an Okutsu frame of 
<I>(a;). Therefore the two polynomials F{x) and $(x) have the same Okutsu invariants. In 
particular, the extensions N/K and L/K have the same ramification index and residual 
degree: 

e{L/K) = e{N/K), f{L/K) = f{N/K). 

Actually, as shown in |Oku82] . L/K and N/K have isomorphic maximal tamely ramified 
subextensions |GMN09| Cor.2.9]. Also, Proposition |3. 5 shows that ind(-F) = ind(<l>). 

The field F r+i is a common computational representation of the residue fields of L/K and 
N/K. More precisely, certain rational functions 7j(a;) G K{x), that depend only on the type 
t |HN08t Sec. 2. 4], determine an explicit isomorphism. 



(6) 7-'^r+l )■ Oiv/mAr, Zo^ l3, Zi^-fi{l3), Zr^-fril3). 

And we get a completely analogous isomorphism 7: F^+i — > Om/^m, just by replacing (3 
by a. 

The exponent of F{x) is by definition the least non-negative integer exp(F) such that 

t^^MF)q^ co[e]. 

An explicit formula for exp(F) can be given in terms of the Okutsu invariants: 
Theorem 4.6 ( |GMN10t Thm.5.2]). The exponent of F{x) is exp(F) = [/i^J; where 

V ^ h- 

fJ'F ■= 1^0 = y^i^ifi ■ ■ ■ cnfR - 1) — , 

e ^ ei ■ ■ ■ 

1=1 

and uq is the constant from equation 
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Therefore, the polynomials F and $ have the same exponent too. Moreover, all results of 
|HN08l IGMN081 IGMJN09] that relate arithmetic properties of the extension L/K with the 
invariants stored by the type t, can be equally applied to link t with arithmetic properties of 
the extension N/K. For instance, we shall frequently use the following remarks, that follow 
from Proposition [23] (4) and |HN08l Lem.2.17 (1)]. 



Lemma 4.7. Let $(a;) G 0[x\ he a Monies approximation to F, and take /3 G K^^^ a root 
of ^. Let P{x) G K[x] be an arbitrary polynomial. 

(1) IfdegP < degF, then v{P{^)) = w{P)/e = v{P{9)). 

(2) If P{x) = '^Q.^sO's{x)^{x)'^ is the canonical ^-adic development of P, then w{P) = 
mino<s{w(as$'*)}- 

In the lifting algorithm we will need to construct a polynomial ^'(a;) G K[x] such that 
deg^' < degF and w(\E') has a given value. To this end we can use |PalO[ Algorithm 14]. 

Lemma 4.8. Let m = degF, m G Z, and R the Okutsu depth of F. There is an algorithm 
that finds exponents G Z and Ji, . . . , Ji? G N such that 

m{x) = Ti^- (j)^{xy^ (i)R{xy'' 

has degree less than m and w{^) = u, in 0((logm)^) operations of integers less than m. 

For the commodity of the reader we reproduce the algorithm. First, we express u = Ne+t, 
< t < e. Then, the routine shown below computes ji, ■ ■ ■ ,jR and an integer M. Finally 
one takes j^, = N + M. 

Universal polynomial routine 

Jr h~^^t mod cr 
M ^{t-jM/cR 
For i = i? to 2 by -1 do 



ji-i ^ h^_^{M - iiVi) mod 



-1 



M ^ (M - jiVi - j,_i/ii_i)/ei_i 
Along the process of improving the Montes approximations to F, the required value of 



w(^) remains constant. By Lemma 4.7, the value f (\E'(/3)) = w{^) remains constant too: 
it does not depend on the pair Hence, is a kind of universal polynomial that is 

computed only once as an initial datum, and used in all iterations. 



5. Improving a Montes approximation 

We keep all notation of section |4| and we denote from now on m := degF = [L: K]. 

The aim of this section is to find a quadratic convergence iteration method to improve 
the Montes approximations to F{x). More precisely, given a Montes approximation 
we shall construct another Montes approximation such that > 2h^, where hq> and 
hif, are the slopes of the Newton polygons N^^{f) and N^^{f), respectively. 

The general idea of the lifting method is inspired in the classical Newton iteration method. 
Instead of Taylor development of f{x), we consider its 0-adic development: 

f{^) = '^o.s{x)(l){xy, degai<m. 

0<s 

11 



Figure 1. Newton polygon N^^wif) where /(x) = ao{x) + ai{x)(j) + ... is the 
0-adic expansion of /(x) and (j){x) is a Montes approximation to F{x). 




The principal Newton polygon N^^{f) has length one, as illustrated in Figure [T| Lemma 



4.7 



4.7 



(2) shows that w{f) = mmo<s<m{w{as(j)^)} = w(ai(f)). Therefore, for all s > 2, Lemma 
1) shows that: 



(7) v{a,{e)m) = — + vim) < "^^^^^^ + vim) < viaMmn, 

e e 

the last inequality because w(0)/e = V/e < f(0(6')) by the Theorem of the polygon. If we 
evaluate the 0-adic development at 9 we obtain 

^aoie)_ T.2<s^sie)m' 



With we get 



aiiO) aiie) 



As is irreducible we can use the extended Euclidean algorithm to obtain a^^(x) G K[x] 
with aiix)ai^ix) = 1 mod For := + where = ao(a;)a|f^(x) 

mod with degA < deg0, we get 

^^-ti^ = vi^ie)) = vim + Aio)) > vim) = 



Thus /i$ > and is a better approximation to the irreducible factor of fix). 

In the following we show that, as in the classical method, the measure of the approxima- 
tion is doubled in each iteration: /i<j, > 2h^; thus, we are led to a quadratic convergence 
algorithm. A crucial point for efficiency is to avoid the inversion of ai(^) in L. To this 
end, we demonstrate that classical Newton lifting yields a more efficient way for finding an 
approximation to the polynomial a]"^(x) and that in each iteration only one Newton lifting 
step is needed. 
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5.1. The main theorem: doubhng the slope. Let G 0[x] be a given Montes 

approximation to the irreducible factor F{x) of f{x). We choose a root a G K'^^^ of 4>{x) 
and consider the field M = K{a) with ring of integers Om and maximal ideal m-M- 

The next theorem gives a criterion to ensure that the slope is (at least) doubled if we 
take a Montes approximation of the form = (f){x) — A{x), for an adequate polynomial 
A{x) of degree less than m. 

Theorem 5.1. Let (p be a Montes approximation to F, and let h he a positive integer, 
< h < h^. For any polynomial A{x) G 0[x\ of degree less than m = degF, the following 
conditions are equivalent: 

(1) V (ao(a) + ai{a)A{a)) > + 2h)/e, 

(2) The polynomial <l>(x) := (f){x)—A{x), is a Montes approximation to F{x), and N^^{f) 
is one-sided of slope with h,^, > 2h, 

(3) V {ao{e) + a,{e)A{d)) > {w{f) + 2h)/e. 

Proof. By the shape of NT(f), we know that w(ao) > ""^(Z) + h, w{ai) = w{f) — w{(f)) = 



w{f) — V. Since degoo, degoi < m, Lemma 4.7 shows that: 



v{ao{9)) = v{ao{a)) = w{ao)/e > {w{f) + h)/e, 
v{ai{9)) = v{ai{a)) = w{ai)/e = {w{f) - V)/e. 

Let := (^{x) — A{x). From the 0-adic development of f{x) we get the ^-expansion 
/(^) = En< ^^'^^ = Eo< ^^^^ + = En< ^^^'^ 

'0<s '0<s '0<s 

where 

60 = ao + aiA H h asA' H h fln^", 

61 = ai + 2a2v4 H h sagA^'^ H , 

6fc = Ofc + (A; + l)ak+iA + ■ ■ ■ + (^) a^^'"^' + • • • • 

We shall see along the proof of the theorem that each of the conditions (1), (2), and (3) 
implies that 

w{A) >V + h, 

which in turn implies = V. For all s > /c > we obtain the lower bound 

w (^(^l^ a,A"-'=$'^) > w{a,(f)') + (s - k)h > w{f) + [s - k)h, 

from which we deduce: 

w{a2A^ + ■■■ + a^A"") > w{f) + 2h, {s>2,k = 0) 

wlbk'i>'')>w{f),Wk>l, {s>k>l) 
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We consider the canonical $-adic developments: 
Oo + aiA = do + 

02^4^ H h flnA" = Mo + Mi$ + 



(2a2A 



■ ■ + Us^" 

^2$^ + ■ 



+ 



The bounds (ph and Lemma 4.7 (2) show that: 



w{f) + h < w {ao + aiA) = mm{w{do), w ((ii$)}, 
w{f ) +2h<w [a^A^ + ■ • ■ a„A") = mino<,{w 

+ h<w {{2a2A H h na„A""^)<l>) = mini<s{w {gs^')}- 

Hence, 

w^(cii)>^(/) + /^-^, 
(10) w{uo) >w{f) + 2h, w{ui) > w{f) + 2h - V, 

w{gi) > w{f) + h~V. 

We now prove that condition (1) implies condition (2). From 

v{ao{a)) > {w{f) + h)/e, v (ao(a) + ai{a)A{a)) > {w{f) + 2h)/e, 

we deduce v {ai{a)A(a)) > {w{f ) + h)/e. By ([s]), we get 

V (Aia)) > (wif) + h)/e - iw{f) - V)/e = (V + h)/e. 

Since degA < m, Lemma 4.7 shows that w{A) > V + h, so that all bounds ([9]), 
hold. Also, V {A{9)) > (V + h)/e. By the theorem of the polygon, v{(j){9)) > V/e. Hence, 



(10) 



V ($(6*)) > V/e, and $ is a Montes approximation to F, by Lemma 3.1 

In particular, the shape of the Newton polygon N^^{f) is analogous to the shape of 
N^^{f) (see Figure [Tj). Thus, condition (2) holds if and only if w{cq) > w{f) + 2h, where Cq 
is the 0-th coefficient of the $-adic development of f{x). Now, the coefficient Cq is the 0-th 
coefficient of the $-adic development of Bq. We can express this coefficient as: Cq = do + Uq. 
By (10), it is sufficient to check that w{do) > w{f) + 2h. 

From (10) we also have: v {di{a)) > {w{f) + h — V)/e. Since f ($(a)) = 
{V + h)/e, weget, v(rfi («)$(«)) > {w{f) + 2h)/e. Therefore, v{do{a)) > {w{f) 
Lemma 4.7[ this implies w{do) > w{f) + 2h, and condition (2) holds. 
Suppose now that condition (2) holds. By Lemma 4.4, w($) = V and: 

V ($(^)) = {V + h^)/e >{V + 2h)/e, 
vim) = {V + h^)/e>iV + h)/e. 



v{A{a)) > 
f2/i)/e. By 



Hence, v {A{6)) > (V + h) / e, and since degA < m, we have w{A) > V + h, by Lemma 4.7 
Thus, all bounds ([9]), (10) hold. Let Cq = do + Uq be, as above, the 0-th coefficient of the $- 
adic development of /(x). By hypothesis, w(co) > w{f)+2h, andhj {10), w{uo) > w{f)+2h; 
hence, w{do) > w{f) + 2h, so that v{do{6)) > {w{f) + 2h)/e. On the other hand, by (10) we 
have also v{di{9)) > {w{f) + h — V)/e, so that 

V (diieMe)) > (wif) + h- V)/e + iV + 2h)/e = (wif) + 3h)/e. 

Hence, v {ao{e) + ai{e)A{e)) = v {do{e) + di{e)^{e)) > {w{f) + 2h)/e, and condition (3) 
holds. 

Finally, if we exchange the roles of a and 6 (i.e. exchange the roles of (f) and F), the above 
arguments also show that condition (3) implies condition (1). □ 
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Along the proof of the theorem we got some precise information about the coefficient ci 
of the canonical ^-development of f{x). 

Corollary 5.2. The coefficient c\ G 0\x\ oj the canonical ^-adic development of f{x) sa- 
tisfies: w{ci — ai) > w{ai) + h. 



Proof. Clearly, ci = (ii -|--ui -|-ai and by ([lOj), the three elements di, ui, gi have w-value 
greater than or equal to w{f) + h — V = w{ai) + h. □ 

Furthermore ao{x)a]^^(x) has integral coefficients: 

Corollary 5.3. The quotient aQ{a)/ai{a) belongs to the order 0[a] C Om- 



Proof. The choice A{x) = 4>{x) — F{x) obviously satisfies Theorem 5.1| (2). Hence, 

V (ao(a) + ai{a)A{a)) > {w{f) + 2h)/e. 



Take p := {ao{a) / ai{a)) + A{a). By (|8]), v{p) > {V + 2h)/e. Theorem 4.6 shows that 
v{p) > exp(0), so that p belongs to 0[a], and ao(a)/cii(«) belongs to 0[a] too. □ 

5.2. Newton inversion modulo a power of the maximal ideal. As a consequence of 



Theorem |5.1[ every iteration of the single-factor lifting algorithm should efficiently compute 
a polynomial A{x) G 0[x], such that degA < m and 

V (ao(a) + ai{a)A{a)) > {w{f) + 2h)/e, 



where a is a root of By the argument given in the proof of Corollary 5.3[ this polynomial 
A(x) always exists. A possible solution would be to invert the element ai{a) in the field 
M = K{a) and consider the polynomial A{x) such that A{a) = — ao(«)/ai(a). However, 
for polynomials of large degree, or having large coefficients, the application of an extended 
CCD algorithm usually leads to an explosion of coefficients. 

Instead, we shall compute an approximation to —ao{a)/ai{a) modulo a sufficiently high 
power of rriA/, by applying classical Newton lifting. 

By Lemma 4.8 we can construct a polynomial ^(x) G K[x] of degree less than m with 
ty(^) = -w{ai) = -w{f) + V. If we set 

Ao{x) := ao(x)\E'(x) mod Ai{x) = ai(x)\E'(x) mod 

then v{Ai{a)) = and 

. ,,^ wif) + h , -wif) + V V + h 

v{Ao{a)) > \ = . 

e e e 

For any polynomial A{x) G 0[x], the following conditions are clearly equivalent: 

(1) V (ao(a) + ai{a)A{a)) > + 2h)/e, 

(2) V (Ao(«) + A^{a)A{a)) > («;(/) + 2h)/e + vi^ia)) = (V + 2h)/e, 

(3) Aia) = -Aoia)/A^{a) (mod (mMV^^^)- 

Because v^Ao^a)) > (V + h) / e, it is sufficient to find an element A'^^i^a) G M with 
A^^{a)Ai{a) = 1 mod (triM)'' and then take A{x) G K[x] to be t he u nique polynomial 



of degree less than m satisfying A{a) = —AQ{a)A^ ^(ct)- By Theorem 4.6, we get 

v{A{a)) = v{Aoia)A^^{a)) = v{Ao{a)) >{V + h)/e> exp(F) = exp(0), 
so that A{x) eO[x]. 
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We compute the approximation ^(a) to Ai{a) ^ by the classical Newton iteration: 

Xk+i = Xk{2 - Ai{a)xk), 



starting with a lift xq G Om of the inverse of Ai{a) in the residue field Om/^m- Note that 
if char(i^) = 2, the iteraton amounts to Xk+i = 

This iteration method has quadratic convergence. If Ai{a)xk = 1 + z with z G (ttim)*, 
then z'^ G (ttim)^* and 

. . X _ / Ai{a)xk{2 - Ai{a)xk) = (1 + z){l - z) = I - z\ if char(ir) ^ 2, 
Ai[^a)Xk+i - I ^^(^)2(^^)2 _ (1 + _ 1 _^ if char(ir) = 2. 

Hence Xk = Ai{a)~^ mod (iriAf)^^, which implies that the computation of A{x) requires 
only log2(/i) iterations. Each iteration has a cost of two multiplications (and one addition) 
in the field M. 

5.2.1. Computation of the initial lift. The efficient computation of an initial lift Xq G Om 
of the inverse of Ai{a) in Om/^m is a non-trivial matter. Let us explain how to obtain xo 
without inverting elements in M. Recall the isomorphism 7: F^+i — > Om/^m described 
m iQ. As one of the ingredients of a CRT routine on global fields, based on the OM- 
representations of prime ideals, in |GMN10l Sec. 4. 2] we described how to compute a section 
of the reduction mapping: 

Om — > OM/mM — > F^+i, 

For the ease of the reader, we reproduce this description. 

Suppose Ai{x) = g{x)/7i'^, for some g{x) G 0[x]. Since deg^f < m, the type t does 
not divide g: ordt(^) = 0. Hence, by [HNOSi Prop.3.5] (see also [C^MNim Prop.2.1]), the 
computation of the residual polynomial of g{x) of r-th order yields an identity: 



where the exponents s,u can be read in N~{g), and $r(a;), iTrix) G K{x) are rational 
fractions constructed in |HN08l Sec. 2. 4], that can be expressed as a products of powers 
of TT, 01, . . . , 0r with integer exponents: 

$^(a;) = 7r^Vi(a;)-''i ■ ■ ■ M^y^^ 7r,(a;) = 7r^o0i(x)^'i ■ ■ ■ 0,(x)^^ jk, fk G Z. 



These exponents jk,jk computed and stored by Montes algorithm. From (11) we deduce: 



e := 7"^(^i(tt)) = 7"^ (^g{a)7r-^'^ = Rr{g){zrh~^ (^7rA'$^(a)-«7r,(a)-«) 

= Rrig)izr)z{^---zl:- e¥%,, 

for some easily computable exponents ti, . . . ,tr |GMN10| Lem.1.4]. The same lemma may 
be applied to find integers t[, . . . , t'^ such that 

e' := 7"' (W^F^) = 4 ■ ■ ■ 4^ e 

Let (pill) G Fr[?/] be the unique polynomial of degree less than such that ip{zr) = 
^£reAt/er^^^/^j_i^ and let u := oTdyip{y). The integer ir satisfies irhr = 1 mod e^, and it is 
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also stored by the type t. The constructive method described in |HN08t Prop. 2. 10] allows 
one to compute a polynomial h{x) G 0[x] satisfying the following properties: 

degh{x) < m, w{h) = e/i, y''Rr{h){y) = ip{y). 



-1 



This polynomial satisfies what we want: h(a)TT ^^ = 7(^) = Ai[a) (cf. loc.cit.). Thus, 
we may take xq = h{a)Tc~'^. 

5.3. The main loop. We are ready to give a detailed description of the iteration steps. 
Let us recall the preliminary computations before entering into the iteration of the main 
loop. Suppose is the input Montes approximation to F, a G K^*^^ is a rot of 0, and 
M = K{a). We compute the first two coefficients ao(x),ai(x) of the 0-adic development of 
f{x), their w- value w{ao), w{ai), and the slope of the (r+l)-th order Newton polygon of /(x): 
= w{ao) — w{ai) — V. Next, we apply the algorithm described in Lemma 4.8 to compute 
the universal polynomial G K[x] of degree less than m, such that = —w{ai). We 

compute then the polynomials 

Aq{x) := ao(x)\E'(x) mod (p{x), Ai{x) := ai(x)\l'(x) mod 

We apply the lifting routine that we just described in the last subsection, to obtain a poly- 
nomial P{x) G K[x], of degree less than m, such that P{a)Ai{a) = 1 (mod (m.Af)'^'*). 

Actually, these preliminary computations may be considered the first iteration step. In 
fact, the next Montes approximation is determined already by: 

^ := (p - A, for A{x) := -Aq{x)P{x) mod (p. 

After the first step, we enter into a general loop. Let $ be the i-th Montes approximation 
to F computed so far, so that > 2/1,^, where is the {i — l)-th Montes approximation. 
Let A := - $, /3 G K'^'p a root of $, = K{/3), a G K'"'^ a root of 0, and M = K{a). 

1. Compute the first two terms co(x), Ci(x), of the $-adic development of f{x). 

2. Cq{x) := Co(x)\l>(x) mod <l>(x), Ci{x) := Ci(x)\l/(x) mod 



By Corollary 5.2 we have w{ci) = w{ai); thus, w{Ci) = 0, or equivalently v{Ci{/3)) = 0, 
by Lemma 4.7, We need now a polynomial Q{x) G K[x] such that 

Q{(3)Ci{f3) = 1 (mod (m;v)'*). 

Let P{x) G K[x] be the analogous polynomial that we used in the previous iteration; with 
the above notation, P(x) = A]~^(x) satisfied: P{a)Ai(a) = 1 (mod (rriA/)'^'*). To compute 
Q{x) we apply a (single!) step of the classical Newton iteration, with Ci replacing Ai. 

3. Q{x) := P(x)(2 - Ci{x)P{x)) mod $(x) 

Proposition 5.5 below shows that P{(3) is also an approximation to Ci{(3)~^ modulo 
(tTiAr)'^'^. Thus, Q{f3) is indeed an approximation to Ci(/3)"^ with double precision, as re- 
quired. Finally, we get the next Montes approximation as usual: 

4. $':=$- C, for C{x) := -Co{x)Q{x) mod $. 



The proof of Proposition |5.5| is based on the following lemma. 

Lemma 5.4. With the above notation, let g{x) G K[x] be a polynomial satisfying w{g) > 
and v{g{a)) > h/e. Then, v{g{/3)) > h/e. 
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Proof. Let g{x) = Ylo<s^six)(f){x)^ be the 0-adic development of g{x). By Lemma 
w{qs4>'^) > w{g) > 0, for all s > 0. Since w{A) > V + h, we get w{qsA^) > sh, for af 
Since g{f3) 



4.7 



(2), 



s > 0. 



4.7 



(1) shows that 



□ 



T.o<s <lsW)MPy^ Lemma 
viqs{P)A{f3r) > sh/e, Vs > 0, v{qo{P)) = v{qo{a)) = v{g{a)) > h/e. 
This implies v{g{l3)) > h/e. 

Proposition 5.5. With the above notation, let P{x) G K[x] be a polynomial of degree less 
than m such that P{a)Ai{a) = 1 (mod (triA/)'^). Then, P{f3)Ci{f3) = 1 (mod (m^v)''). 

Proof. Since degP < deg0 we have w{P) 
and w{PAi - 1) > 0. 



v{P{a)) = by Lemma 4.7, Also, w{Ai) = 



If we apply Lemma 5.4 to the polynomial g = PAi — 1, we get v{P{/3)Ai{/3) — 1) > h/e. 
In particular, v{P{f3)) = 0. 

On the other hand, w{ci — ai) > w{ai) + h, by Corollary 5.2 Lemma 4.7, shows that 
v{ci{(3) - ai(/3)) > v{ai{/3)) + (h/e), so that 

v{Ci{f3) - A.m = v{ci{f3) - ai(/3)) + v{^{f3)) > h/e. 

Now, the identity P(/3)Ci(/3) - 1 = P(/3)(Ci(/3) - Ai(/3)) + P{/3)Ai{/3) - 1, shows that 
v{P{f3)C,{P)-l)>h/e. □ 

6. The Algorithm 

Let f{x) G 0[x] be a monic and separable polynomial, and t an /-complete optimal 
type of order r, that corresponds to a monic irreducible factor F{x) G 0[x] of f{x). Let 



$(x) G 0[x] be a Montes approximation to F{x). By Lemma 4.5 

F(x) = <l>(x) (mod m^''^), u = uo + {h^/e), 

where z/q is given in ([s]) and e = ei . . . = e{L/K). So, if u is the precision to which we 
want to find F, it is sufficient to find a Montes approximation $ with > e{v — vq). 

We summarize in an algorithm the methods developed in the previous section to achieve 
this end. Recall that an initial Montes approximation </)(a;) is always provided by Montes 
algorithm as an (r + l)-th (/)-polynomial: (f) := 0r+i- As before we set w := Vr+i- The 
function "quotrem" returns the quotient and remainder of its parameters. 

Algorithm 6.1 (Single- Factor Lifting). 
Input: / G monic separable, t an /-complete optimal type corresponding to some 

monic irreducible factor F{x) G 0[x] of /(a;), G a representative of t, 

1/ G N a desired precision. 
Output: An irreducible polynomial $ G such that $ = F mod m'^ 

(1) a, Oo ^ quotrem(/, 0), Oi ^ a mod 

(2) h^ ^ w;(ao) - w(ai0) 

(3) Find ^ G K[x\ with deg\E' < deg0 and w{^) = —w{ai) (cf. Lemma 4.8) 

(4) ^0 ^ao mod 0, Ai ^ ^ai mod 



(5) Find G K[x] with w {{A^^Ai mod 0) - l) > (cf. Section |5.2.l |) 

(6) s ^ 1 

(7) while s < h^: (Newton inversion) 

(a) ^ A-{\2 - AiA-{^) mod 

18 



(b) s ^ 2s 

(8) A ^ AoAl^ mod 0, $ ^ (/> + A, Cf ^ ^ 

(9) ^ ^ /i<^ 

(10) while h < e{u — uq): (The main loop) 

(a) c, Co ^ quotrem(/, $), ci ^ c mod $ 

(b) Co ^ ^E'co mod $, Ci ^ ^Ci mod $ 

(c) C^^ ^ Cf ^(2 - CiCf ^) mod 

(d) C ^ CoCf ^ mod $ 

(e) $ ^ $ + C 

(f) /i ^ 2/i 

(11) return $ 

Note that the output is always an irreducible polynomial in 0[x\, regardless of the quality 
of the prescribed precision v. Of course, if v is too small, the output polynomial will not be 
necessarily irreducible modulo m^. 



Algorithm QA_ can be simplified by removing the Newton inversion loop. Then the main 
loop is entered with h = 1 < h^f, and the initial approximation A^^ for Cf ^ computed in step 
(5). This avoids the computation of w{ao) in step (2) but comes with the additional cost of 
computing more remainders Cq and Ci. We get: 

Algorithm 6.2 (Short Single- Factor Lifting). 
Input: f E 0[x] monic separable, t an /-complete optimal type corresponding to some 

monic irreducible factor F{x) G 0[x] of f{x), (f) E 0[x] a. representative of t, 

z/ G N a desired precision. 
Output: An irreducible polynomial $ G such that $ = F mod m'^ 

(1) a, Oo quotrem(/, 0), Oi a mod 



(2) Find \I' G K[x] with deg\E' < deg0 and w{'^) = —w{ai) (cf. Lemma 4.8) 

(3) Aq ^ ^flQ mod 0, Ai ^ mod 

(4) Find Cf ^ G K[x] with w ((Cf mod 0) - l) > (cf. Section |5. 2.1 [ ) 

(5) 0^0+ (AoCf ^ mod 0) 

(6) h^2 

(7) while h < e{v — uq): (The main loop) 

(a) c, Co 4- quotrem(/, 0), ci ^ c mod 

(b) Co ^ ^E'co mod 0, Ci ^ \E'ci mod 

(c) Cf ^ ^ Cf ^(2 - CiCf 1) mod 

(d) C ^ CoCf ^ mod 

(e) ^ + C 

(f) h^2h 

(8) return 



In the following we restrict our analysis to Algorithm |6.2[ In practice. Algorithm |6 . 1 1 has 
a better average performance than Algorithm |6.2 



6.1. Precision. The precision necessary to perform the computations in each step of the 
algorithm is relevant for the complexity analysis and for efficiently implementing the algo- 
rithm. It is most efficient to conduct each computation with a fixed precision, say /x; that 
is, we truncate the vr-adic expansion of all elements in O after the /x-th vr-adic digit. This 
precision is increased in each iteration of the loop. 
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We analyze the precision needed in the main loop by going through the steps in reverse 



order. By Theorem 5.1, Lemma 4.4) and Corollary 5.3, the polynomial C{x) computed in 
step (5d) has coefficients in O, and it is expected to satisfy: 

e 

Thus, in (5e), we need to know the coefficients of C{x) G 0[x] to a vr-adic precision of 
\{2h^ + V)/e\ digits. 

We denote by exp(F) the exponent of the polynomial F (see Theorem 4.6). As for all 
polynomials B{x) G K[x] that occur in the algorithm the element B{6) is integral, they can 
be represented in the form B{x) = h{x)/Ti'^ where h{x) G 0[x] and < (i < exp(F). So 
the loss of precision in each multiplication in steps (5b), (5c), and (5d) is at most exp(F) 
vr-adic digits. Thus the needed precision for C{x) can be guaranteed if Cq{x) and Ci(x) are 
computed with a vr-adic precision of \{2h^ + V)/e \ + 4exp(F) digits. To this purpose, it is 
sufficient to conduct the division with remainder with this precision. 



Lemma 6.3. If all polynomials in the main loop in Algorithm 6.2 are represented in the form 
b{x)/'K'^ where b{x) G 0[x] and < d < exp(F), a n-adic precision of [" ^^^^ ] +4exp(F) for 
the numerator is sufficient in each iteration of the main loop. 

6.2. Complexity of single-factor lifting. In the following we give a complexity estimate 
for the steps in the algorithm, assuming that the residue field F is finite. Let n = deg/, 
m = degF = deg0, and R = depth(F). 

(1) The divisions with remainder can be conducted in 0{(n — m)m) operations in O. 

(2) By |HNn8[ Lem.4.21], the computation of w{ai) = v{ai{6j) is essentially equivalent 
to the computation of the (0i, . . . , 0r)-niultiadic expansion of ai. By |PalOt Lemma 
18] it takes operations in O to compute w{ai). 

(3) The polynomial with ty(\E') = —w{ai) is constructed as \E'(x) = vr-^'"0j^ . . . 0]^, 
for exponents jn,ji: ■ ■ ■ iJR that can be found in 0((logm)^) integer operations of 



integers less than ra by Lemma 4.8 The power product needed for computing ^!{x) 
can be evaluated in 0{m'^) operations in O. 

(4) Two polynomials of degree up to m can be multiplied in O(m^) operations in O, the 
reduction by the polynomial also takes 0{m'^) operations in O. 

(5) By |PalOl section 9] a polynomial representation of the initial value of Cf ^ can be 
found in 0(m^(logm)^) operations in O. 

(6) There are log2(e(i/ — z/q)) iterations of the main loop. In each iteration there are two 
divisions with remainder that take 0{{n — m)m) operations in O. Furthermore, the 
iteration requires five multiphcations and two additions; these operations, including 
the reduction by the polynomial 0(x), take 0{m?) operations in O. So in total each 
iteration of the loop consists of 0{nm) operations in O. 

If we so do not take the necessary vr-adic precision into account we obtain: 
Lemma 6.4. Let K he a local field with finite residue field, O its valuation ring and 



f{x) G 0[x\ a monic separable polynomial of degree n. Algorithm 6.2 can lift a Montes 
approximation (f){x) G 0[x] to an irreducible factor F{x) G 0[x] of degree m of f{x), to a 
precision of u ir-adic digits, in O (nm[(logm)^ + log(ez/)]) operations in O, where e is the 
ramification index of K[x]/{F{x)) over K. 
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In the special case = Qp we include the cost of the operations in Zp in our complex- 
ity estimate. In our estimates we assume that two p-adic numbers of precision u can be 
multiplied in 0(i/log z/loglog z/) = ©(i/^"*"^) operations of integers less than p |SS71j . 

Because it is our goal to give a complexity estimate for polynomial factorization in general 
and the cost of steps (1), (2), (3), and (4) is included in the complexity estimate of Montes 
algorithm we only consider the main loop in the next lemma. 

Lemma 6.5. Let f{x) G Zp[x] he a monic separable polynomial of degree n. Algorithm 6.^ 
can lift a Montes approximation G Zp[x] to an irreducible factor F{x) of degree m of 
f{x), to ap-adic precision of u digits, in O (nm[z/^+^ + f (disc(-F))^+'^]) operations of integers 
less than p in the main loop. 



Proof. Let L = Qp[x] / {F (x)) , and let e be the ramification index of L/Qp. By Lemma 6.3 
the precision needed in the j-th iteration (1 < j < log2(ez/)) of the main loop is 



2^ + V 



+ 4exp(F) < 



2^ + 5V' 



the last inequality by Theorem |4.6[ Let s = [log2(ez/)]. Clearly, for e <^ 0, we have 



0<j<s 



0{r), 

Ois), 



for 6 
for 6 



1 + 
e 



Now, the number of operations of integers less than p in the main loop is approximately 



l<i<s 



= e-(^+^)0 (2(1+^)^ + sV + 2'V' + sV^^') 

= O + e~'s{V/e) + viyie)' + s(r/e)^+^) 

= 0(z/^+^ + s(V/e)^+^), 

the last equality because e~'"siy je) is dominated by siyje)^^'^ and viyje)'^ is dominated by 



either v^^'" or siyje^^''. By Theorem 4.6 



Vje = exp(F) + uq < 2exp(F) < 2ind(F) < t;(disc(F)). 

On the other hand, loge < logf (disc(L)) < log v (disc (F)), so that (log e)f (disc(F))^"'"'' = 
0(v(disc(F))^"''^). Therefore, the term s(V"/e)^"'"^ = 0(log(ez/)t>(disc(F))^"'"'') is dominated 
either by z/^"*"^ (if u > f (disc(F))) or by f (disc(-F))-'^"^'^) (if u < f(disc(F))). This ends the 
proof of the lemma. □ 



6.3. Complexity of Polynomial Factorization over Zp[x]. The complexity estimates 
for Montes algorithm |FV10l iPalOj are based on |Pa01t Proposition 4.1], which asserts that 
if nv{(f){9)) > 2f (disc(/)) for all roots 9 of f{x) and if the degree of 0(x) is less than or 
equal to the degree of any irreducible factor of f{x), then f{x) is irreducible. Because the 
improvement of the approximation 0(x) to an irreducible factor of f{x) measured by v{(f){6)) 
is at least 2/n in each step, Montes algorithm determines whether a polynomial is irreducible 
in at most f (disc(/)) steps. A detailed analysis of the algorithm yields: 
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Theorem 6.6 ( |PalOl Theorem 1]). Let p be a fixed prime. We can establish whether a 
polynomial f{x) G Zp[x] of degree n is irreducible in at most 0(n^"''^t'(disc(/))^'^'^) operations 
of integers less than p. 

If f{x) is reducible, Montes algorithm finds a such that N^{f) = N^, „.(/)) consists of 
more than one segment in less than f (disc(/)) iterations. Each of these segments corresponds 
to a factor g{x) of f{x) and Montes algorithm branches to find improved approximations to 
each of these factors based on 4>i{x). Now, by |Pa01t Proposition 4.1], the irreducibility of 
g{x) can be determined or the algorithm comes across a Newton polygon whose principal 
part consists of more than one segment in less than t;(disc(7) steps. Thus, since v{disc{gh)) > 
v{disc{g)) +w(disc(/i)) for all polynomials g{x) and h{x), f(disc(/)) is also an estimate for 
the number of steps needed to find Montes approximations to all irreducible factors of f{x). 
We get: 

Corollary 6.7. Let p be a fixed prime. Montes approximations to all irreducible factors of 
f{x) G 1ip[x] of degree n can be found in at most 0{n'^~^'^v{disc{f))^~^'^) operations of integers 
less than p. 

Let mi,...,mk denote the degrees of the irreducible factors Fi,...,Fk of f{x). As 
Yl^=i = n the Montes approximations of all factors can be lifted to a precision of u 
p-adic digits in 

k 

Y,0 {nmi[u^+' + v{disc{Fi)Y+']) = O {n^^^^ + v{disc{f 
1=1 

operations of integers less than p. Thus, we find the following general estimation for the 
complexity of the factorization algorithm that combines Montes algorithm with the single- 
factor lifting algorithm. 

Theorem 6.8. Let p be a fixed prime, f{x) G Zp[x] a polynomial of degree n, and G N 
a prescribed precision. One can find approximations G Zp[x] to all irreducible factors 
F{x) of f{x), with F{x) = mod p'^, in at most 0{n'^^''v {disc fY^" + n'^h'^^'') operations 

of integers less than p. 

6.4. Direct single-factor lifting. Let f{x) G 0[x] and assume we know a monic factor 
(f){x) G ¥[x] of f{x) G F such that (j) \ f . By Hensel lemma, there is a unique irreducible 
factor F{x) G 0[x\ of f{x) whose reduction modulo m is (t){x). In this case, any monic lift 
(p^x) G 0[x\ of is already a Montes approximation to -F(x), with respect to the type 
of order zero determined by We can use the single-factor lifting algorithm directly 



without any prior iterations of Montes algorithm. If we specialize Algorithm |6. 1| accordingly 
we obtain: 

Algorithm 6.9 (Direct Single- Factor Lifting). 
Input: / G 0[x\, (p G F[x] irreducible such that (p \ f but f /, z/ G N 
Output: An irreducible polynomial $ G dividing / modulo n^, such that $ = 

(1) a, ao ^ quotrem(/, (p), ai ^ a mod (p 

(2) i- Vi{ao) 

(3) Find a'^'^ G 0[x] such that aiai^ = 1 mod (p 
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(4) for 1 < z < |"log2 ^ ^ ^(2 - aia-^ ^) mod 

(5) A ^ aoa^^ mod 0, $ <(- + A 

(6) forl<z< [log2(i//V)l: 

(a) a, ao ^ quotrem(/, $), ai ^ a mod $ 

(b) a^^ ^ C'l^i'^ — didi^) mod $ 

(c) A ^ a^a^^ mod $, $ $ + A 

(7) return $ 



The valuation ui of step (2) was defined in section |2j fi(ao) is the minimum of the f- values 
of the coefficients of ag. The computation of the initial value of a^^ in step (3) is trivial 
now; it amounts to compute a section of the ring homomorphism 0[x] — > C>[x]/ (tt, 0). The 
TT-adic precision required in each iteration of the first loop is 2* digits. In the second loop 



we need a precision of 2^~^^h(k digits. It is easy to see that the complexity of Algorithm 6.9 



is the same as the complexity of the quadratic Hensel Lift algorithm |Za69j . In practice 



Algorithm 6.9 has a slightly better performance. 



7. Experimental results 



The combination of algorithm 6.1 with Montes algorithm yields a new p-adic polyno- 



mial factorization algorithm. We have implemented this algorithm in Magma to check its 



practical efficiency; the implementation can be obtained from http : //themontesproject . 
[biogspot . com', Our routine, called SFLFactor, takes a separable monic polynomial / G 
a prime number p and a certain precision u and returns p-adically irreducible polynomials 
01, ... , (pm G '^[x] such that / = 0i . . . 0m, (mod p''). 

Besides its good theoretical complexity, the routine has a high efficiency in practice. We 
have applied it to the test polynomials given in the Appendix, and compared the results 
with those of the standard p-adic factorization routines of Magma and PARI. We present here 
some of these results. All tests have been done in a Linux server, with two Intel Quad 
Core processors, running at 3.0 Ghz, with 32Gb of RAM memory. Times are expressed in 
miliseconds. 



Running time vs depth. The graphic in Figure |2] shows the running times of our factor- 
ization routine applied to the polynomials Epj{x) for p < 1000, compared to those of Magma 
and part's functions. Magma can't go beyond j = 4 in less than an hour, while PARI reaches 
only j = 5; our package takes at most 2 seconds to factor any of these polynomials. The 
running time of SFLFactor on the polynomials Ep^s(x) is better observed in Figure |3} 

Running time vs width. The graphic in Figure |4] compares the behaviour of SFLFactor, 
Magma and PARI with respect to the width, using the test polynomials Bp^k{x) for k < 1000. 
Since the width tends to be a very pessimistic bound, we have also tested the performance of 
SFLFactor, with the test polynomials A2,50,5000i,r(2;), for 1 < r < 1000. These polynomials 
have all the same (large) width, but each one requires r + 1 iterations of the main loop of 
Montes algorithm, to detect its p-adic irreducibility. Thus, for r large, they constitute very 
ill-conditioned examples for our algorithm. The running-times are shown in Figure [5j 
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Figure 2. Running times (in miliseconds) of SFLFactor (red), Magma (green) 
and PARI (blue). 




Figure 3. Running times of SFLFactor applied to the polynomials Ep^s{x) for 
p < 1000. 




sw loco 



Figure 4. Running times of SFLFactor (red), Magma (green) and PARI (blue) 
applied to the poylnomials -Bp,fc(x) 
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Figure 5. Running times of SFLFactor for ^2, 50, 5001, r (2;) 
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Figure 6. Running times of our package for -Dioi,p,2,3(2;)i P G 
{1069, 1087, 1091, 1051, 1117, 1097, 919, 1009}. 




30 4* 



Figure 7. Running times of our package for j4ioi,mn,2ii,o(3;) and ^ioin2ii 





Running time vs number of factors. We can observe in Figures [6] and [7] the beliaviour 
of SFLFactor witli respect to tlie number of factors of ttie polynomial to be factored. The 
first graphic shows the running times of our routine applied to the polynomials -Dioi,p,2,3(3;) 
for the primes p G {1069, 1087, 1091, 1051, 1117, 1097, 919, 1009}, which cover all the possible 
splitting types of the 101-th cyclotomic polynomial. 

In Figure [7] we can compare the performance of our algorithm applied to the polynomi- 



als Aioi,mn,2ii,o(2;) and A 



101,n,211 



X) 



The different height of the polynomials is a plausible 



explanation for the significative difference in the running times. 



Statistical tests. We have tested algorithm |6.9| to compare its practical performance with 
that of the classical Hensel lift algorithm. For every m G {2, . . . , 20} we have built a list of 
1000 random pairs {/, /j^}, where j{x) G is a separable product of m quartic irreducible 
polynomials modulo 17, and G Fi7[a:] is a factor of /. For each pair, the factor is 
lifted with both algorithms to Zp[x] to precision 50,100,150,. . . ,1000 successively. Figure |8] 
shows the average running times, suggesting that Single-factor lifting seems slightly faster 
than Hensel lift. 
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Figure 8. Average running times of statistical tests on Single- factor Lifting 
(Green) and Hensel Lift (Red). 

Number of fectois 




Appendix: Families of test polynomials 

Along the design of a new algorithm, it is useful to dispose of a bank of benchmarks to 
test its efficiency. Different authors ( |Co07j . |FPR02j ) have provided such benchmarks for 
different problems in computational algebraic number theory. These lists of polynomials have 
been of great use, but the new algorithms and the fast evolution of hardware have left it out of 
date. We propose an update consisting of several parametric families of polynomials, which 
should cover all the computational difficulties one may encounter in problems concerning 
prime ideals in number fields (prime ideal factorization, p-adic factorization, computation of 
p-integral bases, etc). 

Classically, it has been considered that the invariants of an irreducible polynomial f{x) G 
that determine its computational complexity are the degree, the height (maximal size 
of the coefficients) and, when we focus on a prime number p, the p-index. The p-index of 
f{x) is the p-adic valuation of the index (Z^ : Z[0]), where G Q is a root of f{x), K = Q{6) 
and Tjk is the ring of integers of K. The p-index is closely related to the p-adic valuation of 
the discriminant disc(/). 

As mentioned in section |3} for a finer analysis of the complexity two more invariants must 
be taken into account: the depth and width of the different p-adic irreducible factors of 
f{x). Therefore, our families of test polynomials are described in terms of different integer 
parameters which affect its degree, height, index, number of p-adic irreducible factors, and 
their depth and width. The computational complexity of the aforementioned problems can 
be adjusted to the reader's convenience by a proper choice of the parameters, by combining 
different issues or focusing on a concrete one. 

The test polynomials are gathered in Table [Tj The parameters appearing in the table may 
be required to satisfy particular conditions in each family. 

The main characteristics of these polynomials are summarized in Table [2j The notation 
used in the headers of the table is: 

depthp(/) := maximum depth of the p-adic irreducible factors of /. 
widthp(/) :=sum of the components of the widths of all the local factors of /. 
indp(/) := p-adic valuation of the index of /. 

Ap{K) := p-adic valuation of the discriminant of the number field K defined by /. 
pTjK = factorization of the prime p in the ring of integers of i^. A term means a 
prime ideal with ramification index e and residual degree / (no exponent or subindex 
are written if they are 1). 
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Table 1. Families of test polynomials 





= + 1 + pH hp ) +p ; 


A tn { \ 


= [x'' + 2p''){{x + 2)"- + 2^") . . .{{x + 2m — 2)" + 2^") + 2^™-""; 


7") / \ 

Bp,k{x) = 


{x"^ — 2x + Ay + p"; 


Cp^k{x) = 


{{x^ + Apx^ + 3p^x^ + Ap^f + + p'' 


De^p,n,k{^) 


= [x^-^ + x^-^ + h X + 1)" + p'^ 


Ep,i{^) = 


+ p 




+ (p - 




EpAxf+p'' 


Ep^x) = 




Ep,5{x) = 


EpAxf + {p- l)p*''xEpAx)EpAxT 


Epfi{x) = 


EpAxf +p''^xEpAx)EpAx) 


Epjix) = 


Epfii^f + p'''''EpAx)EpAx)EpAx) 


EpA^) = 


Epj{xf + {p- l)p^^''xEpA^)EpA^fEpAxfEM 



Further explanations about each family are given in the subsequent subsections. 

It is worth mentioning that the polynomials in our list can be combined to build new 
examples of test polynomials, whose characteristics will combine those of the factors. The 
philosophy is: take /, g from the table and form the polynomial h = fg + p"', with a G N high 
enough. Indeed, this is the technique used to build the polynomials A^^ ^(x) and Di^p^n,k{^)- 
This procedure allows everyone to build its own test polynomial with local invariants at her 
convenience. 

A final remark concerning the use of our test polynomials: they are not only intended 
to compare the performance of different algorithms. They are also useful to analyse the 
influence of the different parameters in your favourite algorithm. Besides the obvious tests 
between polynomials in the same family, more subtle comparisons can be done to study the 
performance of your algorithm. The following table proposes some of them: 



/ 


9 


useful to check dependency on 


EpA^x) 


Cp,2s{x) 


number of factors 


Cp,k(yX) 


^p,36,A:,o(3^) 


depth 


Dt.p.n.kix) 


Ap,r,{e-l)Ax) 


width 


()(•'■) 


Ap,n.k.k-l{/) 


precision 



Notation. From now on, whenever we deal with a prime number p, we denote by Vp the 
p-adic valuation of Zp normalized by Vp{p) — 1. 
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Family 1: j9-adically irreducible polynomials of depth 1 and large index. 

Let p be a prime number. Take two coprime integers n, A; G N, and r G {0, 1, . . . , \_k/n\ }. 
Define: 



Our test polynomial is obtained from Ap^n,k '■= x"' + p'^ by a linear change of the variable: 
x^x + l+ p + '- '+p"^. Hence, these two polynomials have the same discriminant: 

disc{A,,n,k,r) = disc(Ap,„,,) = (-l)"("-l)/2^V"-l)^ 

Proposition Al. Let Kp^n,k,r be the number field defined by a root of Ap^n.k,r{x) ■ 

a) mdp{Ap^n,k,r) = {k - l){n - l)/2. 

b) Vp{di?,c{Kp^n,k,r)) = nvp{n) + n - 1. 

c) pljK „kr ~ P"; where p is a prime ideal of residual degree 1. 

d) The p-adically irreducible polynomial Ap^n,k,r{x) has depth 1 and width {\k/ri\). 

Proof. Take = x + l+ p + -- -+p^. The Newton polygon of first order N^^v^{Ap^n,k,r) 
is one-sided, with end points (0, A;), (n, 0), and slope —k/n. Thus, the prime p is totally 
ramified in Kp n,k,r- Proposition 3.5 gives immediately the value of the index of Ap^n,k,r'- 

'mdp{Ap^nAr) = {k-l){n- l)/2. 

Hence, Vp{d:isc{Kp^ri,k,r)) = Vp{disc{Ap^n,k,r)) - 2 mdp{Ap^„^k,r) = nVp{n) + n - I. □ 

For k < n, these polynomials may have large degree and index, but they have small width 
(equal to 1). For k ^ n they have large width too. In the latter case, the parameter r may 
have an influence on the speed of an algorithm to save the obstruction of the high width. 
For instance, Montes algorithm performs r + 1 iterations of its main loop before reaching 
the polynomial considered in the proof of Proposition Al, as an optimal lift to Z[a;] of the 
irreducible factor x + 1 of Ap^n,k,r{x) modulo p. 

Family 2: Arbitrary number of depth 1 p-adic factors and large index. 

Let p > 3 be a prime number. Take n, k coprime positive integers such that k > nvp{n), 
and m any integer such that 1 < m < p/2. Deflne: 



A^,n,kix) = (x" + 2/)((x + 2)" + 2/) ... ((x + 2m - 2)" + 2/) + 2p 



rank 



This polynomial is irreducible over Q, since it is 2-Eisenstein. 
Lemma A2. The p -valuation of the discriminant of A^^f^{x) is: 

t;p(disc(A^„ = m{nvp{n) + k{n — 1)). 

Proof The discriminant of A{x) := + 2p^ is (_i)"{"-i)/2„"2"-V^""^^^'- Take F{x) = 
A{x)A{x + 2) . . . A{x + 2m — 2); since all these factors of F{x) are coprime modulo p: 

fp(disc(F)) = mt>p (disc (y4)) = m{nvp{n) + k{n — 1)). 

From = F + 2p'^"'^, we get fp(disc(y4"„ = fp(disc(F)), because rank > fp(disc(F)), 

by our assumption on k. □ 

Proposition A3. Let K^^^ be the number field defined by a root of A^^f,{x) 
a) indp(A^„,,)=m(A;-l)(n-l)/2. 
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b) Vp{disc{K^^ ,J) = m{nvp{n) + n - 1). 

c) pT,K^^ = Pi ■ ■ ■ Pm> (^^^ prime ideals with residual degree 1. 

d) The m p-adic factors of Ap''^^ i^{x) have depth 1 and width {\k/n\). 

Proof. Let A{x) = + 2p^, and = x. Clearly A^^f^{x) = a{x)(f){x)^ + b{x), where 
a{x) = A{x + 2) ■ ■ ■ A{x + 2m — 2) and b{x) = 2p^a{x) + 2p^'^^. Since a{x) is not divisible 
by X modulo p, this 0-development of A^^^ is admissible |HN08l Def.1.11], and it can 
be used to compute the principal Newton polygon of the first order ^^{A'^^^^i^) |HN08t 
Lem.1.12]. Since Vp{a{x)) = and Vp{b{x)) = k, this polygon is one-sided of slope —k/n. 
Hence, A^^^ f,{x) has a p-adic irreducible factor of degree n, depth 1, index {k — l){n — l)/2 
and width {\k/n\), which is congruent to a power of x modulo p, and determines a totally 
ramified extension of Qp. The same argument, applied to (pjix) = x + 2j, for 1 < j < m, 
determines all other irreducible factors of A^^^ i^{x). Since these factors are pairwise coprime 
modulo p, the index of ^™„ fc(a:) is m times the index of each local factor. This proves all 
statements of the proposition. □ 

Family 3: Low degree, two p-adic factors of depth 1, and large width and index. 

For p = 1 (mod 3) a prime number and G N, ^ (mod 3), define the polynomial 

Bp,k{x) = (x^-2x + 4f 

This polynomial is irreducible over Q. In fact, it has two irreducible cubic factors over Zp 
(by the proof of the proposition below) and it it is the cube of a quadratic irreducible factor 
modulo 3. The discriminant of Bp k{x) is 

disc(5p,fc) = -263y^ {p'' + 27) . 

Proposition A4. Let Kp ^ be the number field defined by a root of the polynomial Bp k{x). 

a) indp(i?p,fc) = 2{k - 1). 

b) ^;p(disc(fs:p,fc)) = 4. 

c) p'^Kpk ~ P^P'^j where p,p' are prime ideals of residual degree 1. 

d) The two p-adic factors of Bp^k{x) have depth 1 and width ([/c/3]). 

Proof. Let a;^ — 2x -|- 4 = (j)i{x)(f)2{x) be the factorization of — 2a; -|- 4 in Zp[a;], into 
the product of two monic linear factors. Since these factors are coprime modulo p, the 
expression Bp^k{x) = {(j)i{x))^{(j)2{x))^ + p^ is simultaneously an admissible 0j-expansion of 
-Bp^fc, for 2 = 1, 2 |HN08t Def.1.11], and we can use this development to compute the Newton 
polygons of the first order N^, ^^{Bp^^), for i = 1,2 |HN08l Lem.1.12]. Both polygons are 
one-sided of slope —k/3 and end points (0, /c), (3, 0). This proves c) and d). 



On the other hand. Proposition 3.5 shows that indp((/)i) = indp(</)2) = k — 1. Since 0i and 



(f)2 are coprime modulo p, this proves a) and b) . □ 

Family 4: Six p-adic factors of depth 3, fixed medium degree, and large index. 

Let p = 5 (mod 12) be a prime number. Take an integer k > 18 and define: 



Cp,fc(x) := ((x^ + 4px3 + 3pV + 4p2)2+p6)^+/. 
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Proposition A5. Suppose that Cp^k is irreducible over Q, and let Kp^k be the number field 
generated by one of its roots. 

a) indp(Cp,fc) = 12k + 78; 

b) Vp{disc(Kp)) = 24; 

c) pIjRp = Pi • • • p6' '^^^ prime ideals pj with residual degree 2. 

d) The six p-adic factors of Cp{x) have depth 3 and width (1, l,k — 17). 

Proof. The proof consists of an application of Montes algoritlim by liand. We leave the 
details to the reader. The algorithm outputs six Cp^fc-complete strongly optimal types of 
order 3. Three of them have the following fundamental invariants Xijipi) at each level i: 

{y; {x, -1/3,1/ + 2); (02, -1, + 3); (03 + ^P^ 17 - k,y - w)), 

where 4'2{x) = x^ + 2p, 03(x) = x^ + 4px^ + 3p'^x^ + 4p^, i G Z satisfies i"^ = —1 (mod p'^^^'^) 
and u G F*2 runs on the three cubic roots of — «(— 2)^"^ G F*. The other three complete 
types are obtained by replacing i hy —i. 

The Theorem of the index [HNOSi Thm.4.18] shows that indp(Cp_fc) = 12A; + 78. The 
computation of Vp{disc{Kp^k)) is trivial, since p is tamely ramified. □ 

Family 5: Large degree, multiple p-adic factors of depth 1 and large index and 
width. 

Let i,p be two different prime numbers and n. A; G N two coprime integers. Consider the 
polynomial: 

Di,p,n,k{^) ■= ^e{xr +p\ 

where ^e{x) = 1 + x + ■ ■ ■ + x^^^ is the i-th cyclotomic polynomial. 

Lemma A6. The p-valuation of the discriminant of Di p^n,k is: 

Vp(disc(A,p,n,fc)) = (^ - l){nvp{n) + k{n-l)). 

Proof. Let ai, . . . ,ae-i be the roots of $£(x), and (3i, . . . , f3e-2 the roots of ^'i{x). Write 
d = deg Di^p^n,k = n{l -1). 

disc(D,,p,„,,) = (-l)'^('^-i)/2 ResiMxT + n<!>e{xr-'<!>',{x)) 

= (-i)"("-')/V(/-i)'^TT ($Ka.r + /)"-^TT ($,(Ar + /) 

The term (/ — lYYl/dS^^it^i)"' + P^) is congruent, up to a sign, to disc($^)"' modulo p; thus, 
it is not divisible by p and the conclusion of the lemma follows. □ 

Proposition A7. Assume that the polynomial Di^p^n,k{x) is irreducible over Q and let 
Ke^p^n,k be the number field generated by one of its roots. Denote by f the order of p in the 
multiplicative group F^, and set g = {i — l)/f . 

a) VpimdiDe,p,n,k)) = (£ - l)(n - 1)(A; - l)/2. 

b) Vp{disc{Kf,^p^n,k)) = (^ - ^){nvp{n) + n-l). 

c) pliRe p „ fc = Pi ■ ■ ■ Pg ; fl^^ prime idals pj with residual degree f. 

d) The g p-adic factors of Di^p^n,k{x) have depth 1 and width {\k/ri\). 
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Proof. The cyclotomic polynomial $£ splits in Zp[x] into the product $^ = of g 

irreducible factors of degree /. Since these factors are coprime modulo p, the expression 
Di^p^n,k = (0i)" ■ ■ ■ {(pg)"' + p'' is simultaneously an admissible 0j-expansion of Di^p^n,k, for 
all 1 < i < g |HN08l Def.1.11], and we can use this development to compute the g Newton 
polygons of the first order A^^. ^^{,D^^p^n,k) |HN08t Lem.1.12]. All these polygons are one-sided 
of slope —k/n and end points (0, k), (n, 0). This proves c) and d). 

On the other hand, Proposition 3.5 shows that indp(0i) = /(n — 1)(A; — 1)/2, for all i. Since 
01, ... ,0c, are coprime modulo p, we have 'm.dp{Dip,n,k) = fl'indp(0i) = gf{n — l){k — l)/2. 
This proves a) and b). □ 

With a proper election of the primes p we can achieve arbitrarily large values of / and 
with the only restriction fg = i — 1. 

Family 6: p-adically irreducible polynomials of fixed large degree and depth. 

For any prime number p > 3, consider the following polynomials: 



Ep,i 




= + p 




Ep,2 




= Ep^{x] 




Ep,3 


[x) 


= Ep,2ix] 




EpA 


[x) 


= Epfi{x] 


'-^ +p'''xEp^2ix) 


Ep,5 


[x) 


= Ep^ix] 




Ep,6 


[x) 


= Ep,5{x] 


"+/«xEp,3(a;)^p,4(a;) 


Ep,7 


[x) 


= Epfiix] 


''+p''''Ep^2{x)Ep4x)Ep^5{x) 


Ep,8 




= Epjix] 


'' + {P- l)p''''''xEp,i{x)Ep,2{xyEp^3{xyEp,e{x) 



These polynomials have been built recursively through a constructive application of Montes 
algorithm. They are all irreducible over Zp and determine totally ramified extensions of Qp. 
The depth of Ep^i is i, and an Okutsu frame is given by [0i = x, 02 = Ep^i, . . . , 0j = Ep^i^i]. 
The Newton polygons Ni{Epj), for j > i, are one-sided of slope Aj, where: 



Ai 



^ A - ^ A -A - 2 A -A - ^ A - ^ A - ^ 
"2' — A3 — M — — g, As — Ae — — -, At — — -, As — —-■ 

The values of indp(-E'p,j) are given in Table [2] they have been derived from Proposition 3.5 



Families of test equations for function fields. Let J-" be a perfect field, and p an 
indeterminate. One checks easily that all polynomials of Table [l] are irreducible over J-'[p]; 
hence, they may be used to test arithmetically oriented algorithms for function fields. 
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